The Internal Revenue Service issued an alert this week warning that the W-2 form phishing scam has spread into more sectors of the economy, targeting small businesses, nonprofits, schools, and other organizations.

The scam involves an email sent to an HR or payroll employee, disguised as coming from an organization executive.

The email requests a list of all employees and their W-2 forms, a scam which is referred to as a business email compromise or business email spoofing.

Companies have also been asked to wire thousands of dollars to bank accounts managed by cyber criminals.

“This is one of the most dangerous email phishing scams we’ve seen in a long time,” said IRS Commissioner John Koskinen.

This is one of the most dangerous email phishing scams we’ve seen in a long time.
— IRS Commissioner John Koskinen
“It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns.

“We need everyone’s help to turn the tide against this scheme.”

The are coupling their efforts to steal employee W-2 information with an older scheme on wire transfers that is victimizing some organizations twice.

Organizations targeted by these scams are encouraged to forward it to phishing@irs.gov and place “W2 Scam” in the subject line.

Affected organizations should file also a complaint with the Federal Bureau of Investigation’s Internet Crime Complaint Center.

Employers should also consider developing an internal policy on the distribution of employee W-2 information and conducting wire transfers, especially if this policy does not exist or is not utilized.